package com.fingard.dsp.bank.directbank.cmbc02.util.cert;

import cmbc.cfca.sm2.signature.SM2PrivateKey;
import cmbc.cfca.sm2rsa.common.PKIException;
import cmbc.cfca.util.CertUtil;
import cmbc.cfca.util.KeyUtil;
import cmbc.cfca.x509.certificate.X509Cert;
import com.fingard.dsp.bank.directbank.cmbc02.CMBC02Base;
import com.fingard.dsp.bank.directbank.cmbc02.util.ErrorCode;
import com.fingard.dsp.bank.directbank.cmbc02.util.PlatformException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.FileInputStream;
import java.io.FileNotFoundException;


public class CertLoader {
	private static Logger logger = LoggerFactory.getLogger(CertLoader.class);

	public static Cert loadMerchantCert(String merchantNum, String certPath, String sm2Path, String sm2Password) throws PlatformException {
		Cert merchantCert = new Cert();
		try {
			merchantCert.merCert = loadCert(certPath);
			merchantCert.merPublicKey = merchantCert.merCert.getPublicKey();
			merchantCert.merSm2Cert = loadSm2(sm2Path);
			merchantCert.merPrivateKey = getSm2PrivateKey(sm2Path, sm2Password);

			merchantCert.merchantNum = merchantNum;
			merchantCert.merSm2Password = sm2Password;
		} catch (FileNotFoundException e) {
			throw new PlatformException(ErrorCode.UNPS_CORE_002, e.getMessage());
		} catch (PKIException e) {
			throw new PlatformException(ErrorCode.UNPS_CORE_002, e.getMessage());
		}
		return merchantCert;
	}

	public static Cert loadCmbcCert(String cmbcCertPath, String cmbcSm2Path, String cmbcSm2Password) throws PlatformException {
		Cert cmbcCert = new Cert();
		try {
			cmbcCert.cmbcCert = loadCert(cmbcCertPath);
			cmbcCert.cmbcPublicKey = cmbcCert.cmbcCert.getPublicKey();

			if (!CMBC02Base.isBlank(cmbcSm2Path) && !CMBC02Base.isBlank(cmbcSm2Password)) {
				cmbcCert.cmbcSm2Cert = loadSm2(cmbcSm2Path);
				cmbcCert.cmbcPrivateKey = getSm2PrivateKey(cmbcSm2Path, cmbcSm2Password);
				cmbcCert.cmbcSm2Password = cmbcSm2Password;
			}
		} catch (FileNotFoundException e) {
			throw new PlatformException(ErrorCode.UNPS_CORE_002, e.getMessage());
		} catch (PKIException e) {
			throw new PlatformException(ErrorCode.UNPS_CORE_002, e.getMessage());
		} catch (RuntimeException e) {
			logger.error("加载证书失败-" + cmbcCertPath + "-" + e.getMessage());
		}
		return cmbcCert;
	}

	public static  X509Cert loadCert(String fileName) throws FileNotFoundException, PKIException {
		X509Cert cert = null;
		FileInputStream inputStream = null;
		try {
			inputStream = new FileInputStream(fileName);
			cert = new X509Cert(inputStream);
			logger.info("加载证书成功-" + fileName);
		} catch (FileNotFoundException e) {
			logger.error("加载证书失败-" + fileName + "-" + e.getMessage());
			throw e;
		} catch (PKIException e) {
			logger.error("加载证书失败-" + fileName + "-" + e.getMessage());
			throw e;
		} catch (RuntimeException e) {
			logger.error("加载证书失败-" + fileName + "-" + e.getMessage());
		} finally {
			try {
				if (inputStream != null) {
					inputStream.close();
				}
			} catch (Exception e) {
			}
		}
		return cert;
	}

	public static X509Cert loadSm2(String fileName) throws PKIException {
		X509Cert cert = null;
		try {
			cert = CertUtil.getCertFromSM2(fileName);
			logger.info("加载证书成功-" + fileName);
		} catch (PKIException e) {
			logger.error("加载证书失败-" + fileName + "-" + e.getMessage());
			throw e;
		} catch (RuntimeException e) {
			logger.error("加载证书失败-" + fileName + "-" + e.getMessage());
		}
		return cert;
	}

	public static SM2PrivateKey getSm2PrivateKey(String sm2Path, String sm2Password) throws PKIException {
		SM2PrivateKey key = null;
		try {
			key = KeyUtil.getPrivateKeyFromSM2(sm2Path, sm2Password);
			logger.info("加载私钥成功-" + sm2Path);
		} catch (PKIException e) {
			logger.error("加载私钥失败-" + sm2Path + "-" + e.getMessage());
			throw e;
		} catch (RuntimeException e) {
			logger.error("加载私钥失败-" + sm2Path + "-" + e.getMessage());
		}
		return key;
	}

}
